From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 6589F13835A for ; Thu, 29 Oct 2020 13:09:02 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7C0B3E0985; Thu, 29 Oct 2020 13:09:01 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 5909BE0985 for ; Thu, 29 Oct 2020 13:09:01 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id EA08B340BB9 for ; Thu, 29 Oct 2020 13:08:59 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 746A93B8 for ; Thu, 29 Oct 2020 13:08:58 +0000 (UTC) 
From: "Matt Turner" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Matt Turner" Message-ID: <1603976916.befeef9cf3acaef27161a37197ec9f49e80ef4e0.mattst88@gentoo> Subject: [gentoo-commits] proj/catalyst:pending/mattst88 commit in: catalyst/, catalyst/base/ X-VCS-Repository: proj/catalyst X-VCS-Files: catalyst/base/stagebase.py catalyst/context.py catalyst/main.py X-VCS-Directories: catalyst/base/ catalyst/ X-VCS-Committer: mattst88 X-VCS-Committer-Name: Matt Turner X-VCS-Revision: befeef9cf3acaef27161a37197ec9f49e80ef4e0 X-VCS-Branch: pending/mattst88 Date: Thu, 29 Oct 2020 13:08:58 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: ab06542c-c154-4ed3-bbb8-0554a50847c3 X-Archives-Hash: 443cf3d2e515625021dd2846925e6b82 commit: befeef9cf3acaef27161a37197ec9f49e80ef4e0 Author: Matt Turner gentoo org> AuthorDate: Wed Oct 28 21:59:17 2020 +0000 Commit: Matt Turner gentoo org> CommitDate: Thu Oct 29 13:08:36 2020 +0000 URL: https://gitweb.gentoo.org/proj/catalyst.git/commit/?id=befeef9c catalyst: Add and use namespace context manager Signed-off-by: Matt Turner gentoo.org> catalyst/base/stagebase.py | 6 ++++-- catalyst/context.py | 33 +++++++++++++++++++++++++++++++++ catalyst/main.py | 17 +++++++---------- 3 files changed, 44 insertions(+), 12 deletions(-) diff --git a/catalyst/base/stagebase.py b/catalyst/base/stagebase.py index da133bf2..2bbbb987 100644 --- a/catalyst/base/stagebase.py +++ b/catalyst/base/stagebase.py 
@@ -14,6 +14,7 @@ from snakeoil.osutils import pjoin from DeComp.compress import CompressMap from catalyst import log +from catalyst.context import namespace from catalyst.defaults import (confdefaults, MOUNT_DEFAULTS, PORT_LOGDIR_CLEAN) from catalyst.support import (CatalystError, file_locate, normpath, cmd, read_makeconf, ismount, file_check, @@ -1392,8 +1393,9 @@ class StageBase(TargetBase, ClearBase, GenBase): if not self.run_sequence(self.prepare_sequence): return False - if not self.run_sequence(self.build_sequence): - return False + with namespace(mount=True): + if not self.run_sequence(self.build_sequence): + return False if not self.run_sequence(self.finish_sequence): return False diff --git a/catalyst/context.py b/catalyst/context.py new file mode 100644 index 00000000..f5d240ea --- /dev/null +++ b/catalyst/context.py @@ -0,0 +1,33 @@ + +import contextlib +import os + +from snakeoil.process.namespaces import setns, simple_unshare + +@contextlib.contextmanager +def namespace(mount=False, uts=False, ipc=False, net=False, pid=False, + user=False, hostname=None): + namespaces = { + (mount, "mnt"): None, + (uts, "uts"): None, + (ipc, "ipc"): None, + (net, "net"): None, + (pid, "pid"): None, + (user, "user"): None, + } + pid = os.getpid() + + # Save fds of current namespaces + for ns in [ns for ns in namespaces if ns[0]]: + fp = open(f"/proc/{pid}/ns/{ns[1]}") + namespaces[ns] = fp + + simple_unshare(mount=mount, uts=uts, ipc=ipc, net=net, pid=pid, user=user, + hostname=hostname) + try: + yield None + finally: + for ns in [ns for ns in namespaces if ns[0]]: + fp = namespaces[ns] + setns(fp.fileno(), 0) + fp.close() diff --git a/catalyst/main.py b/catalyst/main.py index 543895c6..5536471a 100644 --- a/catalyst/main.py +++ b/catalyst/main.py 
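Review bot: Mount isolation now covers only `build_sequence` in the second stagebase.py hunk; `prepare_sequence` and `finish_sequence` run in whatever mount namespace the caller is in, and the main.py hunk of this commit drops `mount=True` from the process-wide unshare. Any step outside the `with` that mounts or unmounts (those sequences are not visible here) would therefore act on the host mount table rather than a private one. If the intent is that only build steps mount, a comment above the block would record it, e.g. `# build_sequence is the only sequence that mounts; keep mount-creating steps inside this namespace`. The enclosing method starts and ends outside the hunk.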
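Review bot: `pid = os.getpid()` in `namespace()` rebinds the `pid` parameter, so the later `simple_unshare(..., pid=pid, ...)` receives the process id, a non-zero integer, instead of the caller's boolean. Both call sites in this commit (`namespace(mount=True)` in stagebase.py and `namespace(uts=True, ipc=True, hostname='catalyst')` in main.py) leave `pid` at False. A truthy value would presumably request a PID namespace, which the comment in main.py says is avoided because of signal propagation problems. A separate local keeps the flag intact: `self_pid = os.getpid()` and `fp = open(f"/proc/{self_pid}/ns/{ns[1]}")`. Separately, the descriptors are opened before the `try`, so a failure in `simple_unshare` leaves them open, and one failing `setns` in the `finally` skips restoring the remaining namespaces.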
@@ -7,14 +7,13 @@ import textwrap import toml -from snakeoil.process import namespaces - from DeComp.definitions import (COMPRESS_DEFINITIONS, DECOMPRESS_DEFINITIONS, CONTENTS_DEFINITIONS) from DeComp.contents import ContentsMap from catalyst import log import catalyst.config +from catalyst.context import namespace from catalyst.defaults import (confdefaults, option_messages, DEFAULT_CONFIG_FILE, valid_config_file_values) from catalyst.support import CatalystError @@ -356,15 +355,13 @@ def _main(parser, opts): # use pid & user namespaces, but snakeoil's namespace module has signal # transfer issues (CTRL+C doesn't propagate), and user namespaces need # more work due to Gentoo build process (uses sudo/root/portage). - namespaces.simple_unshare( - mount=True, uts=True, ipc=True, pid=False, net=False, user=False, - hostname='catalyst') + with namespace(uts=True, ipc=True, hostname='catalyst'): + # everything is setup, so the build is a go + try: + success = build_target(addlargs) + except KeyboardInterrupt: + log.critical('Catalyst build aborted due to user interrupt (Ctrl-C)') - # everything is setup, so the build is a go - try: - success = build_target(addlargs) - except KeyboardInterrupt: - log.critical('Catalyst build aborted due to user interrupt (Ctrl-C)') if not success: sys.exit(2) sys.exit(0)
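Review bot: The comment kept above the new `with` block in `_main` still explains only why pid and user namespaces are not used, while this hunk drops `mount=True` from the process-wide call without saying so. Readers of `_main` can no longer tell where mount isolation happens; a line such as `# the mount namespace is entered per stage, around build_sequence in StageBase` would point them to it. The comment begins outside the hunk, so it may already say more than is visible here.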